Lighthouse: Energy Security Thoughts & Snippets

The New York Times has been hacked, prompted by an investigation by the New York Times into the amassed fortune of Chinese Prime Minister Wen Jiabao's family.

The hackers tried to cloak the source of the attacks on The Times by first penetrating computers at United States universities and routing the attacks through them, said computer security experts at Mandiant, the company hired by The Times. They apparently used the same university computers that hackers working for the Chinese military used previously to attack Defense Department contractors.

Security experts found evidence that the hackers stole the corporate passwords for every Times employee and used those to gain access to the personal computers of 53 employees, most of them outside The Times’s newsroom. Experts found no evidence that the intruders used the passwords to seek information that was not related to the reporting on the Wen family.

During the three months they were in the paper’s network, the attackers installed 45 pieces of custom malware, though nearly all of it went undetected. Although the newspaper uses antivirus products made by Symantec, the monitoring software identified and quarantined only one of the attacker’s tools during that time, according to the report.

Michael Higgins, chief security officer at The Times, said: “Attackers no longer go after our firewall. They go after individuals. They send a malicious piece of code to your e-mail account and you’re opening it and letting them in.”

Exclusive Analysis, a London-based risk assessor and forecaster, warned twice last year that oil and gas assets in southern Algeria and foreign personnel employed there could be the target of kidnapping and attacks by Jihadist militants.

In an ominously near-accurate prediction, intelligence experts at the firm referred to the In Amenas gas plant by name, warning foreign employees working there "would be at risk" from kidnapping for ransom.

[...]"Weeks before September 11 the U.S. intelligence warned against plane hijacking but the White House couldn't address the threat appropriately because it wasn't specific enough," said Dr. Gal Luft, a senior adviser to the United States Energy Security Council and a former lieutenant colonel in the Israel Defense Forces.

"Issuing a warning is easy; acting on them is a whole different matter," Luft added. "My main takeaway from the episode is the importance of better coordination between private and public sectors in such energy compounds. Our experience shows that many of the attacks are aided by insiders who are not sufficiently vetted."

While the attack in Algeria that killed at least 38 hostages was the deadliest raid on the oil industry in five years, it’s far from unprecedented.

From Colombia to Yemen, oil workers have suffered violence for decades as militants strike an industry seen symbolizing political and economic power. The bloodiest attack came in 2007 when 72 people died after a secessionist group in Ethiopia overran a camp run by China Petroleum & Chemical Corp. (600028), according to the University of Maryland’s Global Terrorism Database. Each week about three attacks were made worldwide on oil employees and installations in 2011, the data show.

“This attack has surely got some attention, but I wouldn’t say it’s an outlier,” said Gal Luft, co-director of the Institute for the Analysis of Global Security in Washington. “If you want oil and gas you have to go to these places. This is the cost of doing business.”

The Department of Homeland Security reports that in 2012, ICS-CERT responded to a steady stream of cyber incidents, coordinated ICS vulnerabilities with vendors, and produced alerts and advisories to notify the ICS community of emerging cyber risks.

For fiscal year 2012, the largest single target for cyber security incidents was the Energy sector, accounting for 41% of attacks, followed by water (15% ) and internet-facing (11%).

In fiscal year 2012, ICS-CERT received and responded to 198 cyber incidents as reported by asset owners and industry partners. Attacks against the energy sector represented 41 % of the total number of incidents. Notably, ICS-CERT assisted 23 ONG sector organizations with incident response and recovery efforts following a targeted spear-phishing campaign. Analysis of the targeted systems indicated that information pertaining to the ICS/SCADA environment, including data that could facilitate remote unauthorized operations, was exfiltrated. ICS-CERT worked closely with many of the involved organizations and during the course of this response effort, analyzed over 50 malware samples and malicious files, 20 emails, and 38 hard drive images to determine the extent of the compromise and identify the techniques and tactics used the threat actors. ICS-CERT also deployed onsite incident response teams to assist 2 organizations that were compromised as a result of this campaign.

In an address last year, Harold Hongju Koh, Legal Advisor to the U.S. Department of State asserted that a cyber attack can be considered to be an act of war, and reserves the right to respond with force.

Excerpt:

Question 3: Do cyber activities ever constitute a use of force?

Answer 3: Yes. Cyber activities may in certain circumstances constitute uses of force within the meaning of Article 2(4) of the UN Charter and customary international law. In analyzing whether a cyber operation would constitute a use of force, most commentators focus on whether the direct physical injury and property damage resulting from the cyber event looks like that which would be considered a use of force if produced by kinetic weapons. Cyber activities that proximately result in death, injury, or significant destruction would likely be viewed as a use of force. In assessing whether an event constituted a use of force in or through cyberspace, we must evaluate factors: including the context of the event, the actor perpetrating the action (recognizing challenging issues of attribution in cyberspace), the target and location, effects and intent, among other possible issues. Commonly cited examples of cyber activity that would constitute a use of force include, for example: (1) operations that trigger a nuclear plant meltdown; (2) operations that open a dam above a populated area causing destruction; or (3) operations that disable air traffic control resulting in airplane crashes. Only a moment’s reflection makes you realize that this is common sense: if the physical consequences of a cyber attack work the kind of physical damage that dropping a bomb or firing a missile would, that cyber attack should equally be considered a use of force.

Question 4: May a State ever respond to a computer network attack by exercising a right of national self-defense?

Answer 4: Yes. A State’s national right of self-defense, recognized in Article 51 of the UN Charter, may be triggered by computer network activities that amount to an armed attack or imminent threat thereof. As the United States affirmed in its 2011 International Strategy for Cyberspace, “when warranted, the United States will respond to hostile acts in cyberspace as we would to any other threat to our country.”

In the wake of the brutal terrorist attack on the gas field in Algeria, world leaders are expressing their reactions at the end of a four-day siege that claimed the lives of people from eight countries.

The plant was a joint–venture operated by British firm BP, Statoil of Norway and Sonatrach of Algeria.

Algerian Prime Minister Abdelmalek Sellal said that Algerian special forces moved in before militants carried out their plan to detonate explosives at the facility. "If it exploded, it could have killed and destroyed anything within 5 kilometers or further," Sallal said.

In an interview with American Press today, Prime Minister David Cameron said, "The threat has grown particularly in Africa." He continued, "This is a global threat, and it will require a global response."

"In January [2012,] Ali Naimi, the Saudi oil minister, said that the world’s largest oil producer aimed to keep oil prices at the triple-digit level throughout 2012....[AK: and indeed that's what happened for most of the year.] Opec’s net [2012] oil export revenues [hit] a peak of $1,052bn in nominal terms, up 2.5 per cent from last year.... A decade ago, Opec countries made just under $200bn selling their oil. In real terms, adjusted for inflation, Opec’s revenues in 2012 were also the highest ever, surpassing the peaks set during the oil crises of 1973-74 and 1979-81."

Also in 2012, drivers paid record prices for gasoline. AAA via Bloomberg: "The national average price of gasoline in 2012 was $3.60 a gallon, nine cents more than the previous annual record set last year."

(Reuters) - The U.N. nuclear watchdog said on Tuesday information stolen from one of its former servers had been posted on a hacker website and it was taking "all possible steps" to ensure its computer systems and data were protected.

The stolen information was contained in a statement by a group with an Iranian-sounding name calling for an inquiry into Israel's nuclear activities. The International Atomic Energy Agency (IAEA) is investigating Iran's nuclear program.

The IAEA said the theft concerned "some contact details related to experts working" with the Vienna-based agency but it did not say who might have been behind the action.

India’s northern state blackout has spread from affecting the region's 360 million now to over 600 million people or nearly twice the population of the United States. These power outages are a testament as to why the “I” in BRIC needs a reliable supply of electricity above all else. Northern India has faced power outages this summer due to among other reasons, a lack of fuel for power generation. Others point to some Indian states drawing off more power than allocated and others point to the confluence of summer heat, agricultural irrigation that draws on huge amounts of power, and India's burgeoning population and the demands that put on the grid. .

In the short term, this has everything to do with keeping the lights on. In the longer term, the electricity-fuel issue has everything to do with the economic development and security of the Indian state and its people. While the specific causes behind the ongoing blackouts may not be identified for sometime many remain in the dark. In fueling its future, India is looking at neighboring Myanmar as one source for ensuring the lights don’t go out again. Journal of Energy Security (JES) contributor Varigonda Kesava Chandra in Singapore has been working on an extensive piece on India’s electricity sector and the fuel challenges to powering its grid. To see the full copy of this analysis which will be published in the July 2012 edition of the JES click here.

In the April issue of the JES Chandra contributed an article on the problems India has had in building gas pipelines to feed its growing economy.

"The United States stands on the cusp of a global strategic advantage of huge significance. It is now within our grasp to cut the Gordian knot of energy policy, transforming our economic prospects in a fairly short period. Seizing this advantage does not require or depend on an esoteric technological breakthrough. It does not require allied assistance. It does not require a great deal of citizen sacrifice, discipline or patience. It does not require new taxes or convoluted cap-and-trade schemes. It merely requires that the Administration and the U.S. Congress get their collective head straight for once about a policy area in which politically ecumenical futility has been the norm for nearly forty years."

May 13: Blast on Yemeni natural gas pipeline supplying the Balhaf Export terminal in the Gulf of Aden, near Mayfaa in Shabwa province. Prior attack on April 26. Both apparently Al Qaeda.

May 30: Blast on 12in Syrian oil pipeline in Deir al-Zor province, connecting Abu Hamam and Gharaneej. Prior attacks: April 21, same pipeline; April 30, oil pipeline between the villages of Mahkan and al-Qouriya in Deri Ezzor, valve damaged and large amounts of oil leaked; March 26, blast on diesel pipeline between Hama and Homs at Taldao; February 15, diesel pipeline connecting Homs refinery with fuel tanks in Arda. There's also a report of a May 15 blast near al-Mayadeen on the oil pipeline to Banias refinery.

May 30: Blast on Azerbaijan-Turkey natural gas pipeline near Sarikamis.

A number of recent articles regarding the provision restricting spending on non-petroleum fuels in the recent National Defense Authorization bill passed by the U.S. House of Representatives appear to have gotten the story wrong. It's a pretty confusing story to follow so that's not surprising.

For example, Fred Kaplan writes in Slate: "Republican leaders passed an amendment barring the entire Defense Department from using any alternative fuels, for any purpose, if they’re more expensive than oil. But then, in a shameless disclosure of who’s paying the tiller, they tacked on a provision exempting coal and natural gas from this prohibition." (emphasis added) Noah Shachtman wrote in Wired: "House Republicans...last Wednesday voted to impose its ban on alt-fuels that cost more than the traditional stuff....But the armed services committee didn’t put limits on all alternative fuels — just the ones with environmental benefits." These quotes imply that the cost restriction measures apply only to particular types of non-petroleum fuels.

This is not correct. Let's go down the legislative rabbit hole to untangle the confusion:

SEC. 313. EXEMPTION OF DEPARTMENT OF DEFENSE FROM ALTERNATIVE FUEL PROCUREMENT REQUIREMENT.Section 526 of the Energy Independence and Security Act of 2007 (Public Law 110-140; 42 U.S.C. 17142) is amended by adding at the end the following: `This section shall not apply to the Department of Defense.'.

SECTION 313--EXEMPTION OF DEPARTMENT OF DEFENSE FROM ALTERNATIVE FUEL PROCUREMENT REQUIREMENTThis section would amend section 526 of the Energy Independence and Security Act (42 U.S.C. 17142) to exempt the Department of Defense from the requirements related to contracts for alternative or synthetic fuel in that section.

Comment: Below follows the text of section 526 of the Energy Independence and Security Act (EISA) - 42 U.S.C 17142 - which Section 313 would make inapplicable to the DOD:

42 USC § 17142 - Procurement and acquisition of alternative fuelsNo Federal agency shall enter into a contract for procurement of an alternative or synthetic fuel, including a fuel produced from nonconventional petroleum sources, for any mobility-related use, other than for research or testing, unless the contract specifies that the lifecycle greenhouse gas emissions associated with the production and combustion of the fuel supplied under the contract must, on an ongoing basis, be less than or equal to such emissions from the equivalent conventional fuel produced from conventional petroleum sources.

Explanation: 42 U.S.C 17142 barred federal purchase of any non-petroleum fuel with higher greenhouse gas emissions than fuel made from conventional oil, which means it barred coal based fuels, fuels produced from unconventional oil such as tar sands, and potentially other types of fuels depending on how exactly lifecycle greenhouse gas emissions are measured (the measurement question is an issue well beyond the scope of this post.) While it would serve to limit greenhouse gas emissions of federally purchased fuels, by its very nature 42 U.S.C 17142 is an option limiting, and thus by definition energy security limiting, measure. (In case you're not clear on why I wrote by definition, let me quote myself: "When the British Navy made the shift from coal to oil, then Lord of the Admiralty Winston Churchill famously remarked, “safety and certainty in oil lies in variety and variety alone.” To diminish the strategic importance of oil to the international system it is now critical to expand the Churchillian doctrine beyond geographical variety to a variety of fuels and feedstocks.") Bottom line, Section 313 would serve to undo a limitation on fuel types, at least for the DOD, increasing its spectrum of allowable fuel options.

SEC. 314. LIMITATION ON AVAILABILITY OF FUNDS FOR PROCUREMENT OF ALTERNATIVE FUEL.

(a) Limitation- Except as provided in subsection (b), none of the funds authorized to be appropriated by this Act or otherwise made available during fiscal year 2013 for the Department of Defense may be obligated or expended for the production or purchase of any alternative fuel if the cost of producing or purchasing the alternative fuel exceeds the cost of producing or purchasing a traditional fossil fuel that would be used for the same purpose as the alternative fuel.

(b) Exception- Notwithstanding subsection (a), the Secretary of Defense may purchase such limited quantities of alternative fuels as are necessary to complete fleet certification for 50/50 blends. In such instances, the Secretary shall purchase such alternative fuel using competitive procedures and ensure the best purchase price for the fuel.

Report language:

SECTION 314--LIMITATION ON AVAILABILITY OF FUNDS FOR PROCUREMENT OF ALTERNATIVE FUELThis section would prohibit the use of funds for the production or purchase of any alternative fuel if the cost of producing or purchasing the alternative fuel exceeds the cost of producing or purchasing a traditional fossil fuel. This section would also provide an exception for the Secretary of Defense to purchase limited quantities of alternative fuels to complete fleet certification of 50/50 alternative fuel blends.(emphasis added)

Comment: It seems the exception bolded above is what Fred Kaplan was referring to when writing "they tacked on a provision exempting coal and natural gas from [the prohibition to buy non-petroleum fuels that are more expensive than petroleum based fuels.]" However, 50/50 blends means blends of 50% non-petroleum fuel (of fossil or renewable origin) and 50% petroleum fuel. See many examples of DOD 50/50 blends, listed in the several page Table A-1 (starting on p. 149 at this link.) So, for example, the exemption would apply to a 50/50 blend of bio-SPK and diesel fuel, whether the origin of the bio-SPK is fats, grease, food oil crops, energy crops, algae, and so on and so forth. The exemption would also apply to a 50/50 blend of bio-SPK and jet fuel, whether the origin of the bio-SPK is fats, grease, food oil crops, energy crops, algae, and so on and so forth. It would apply to a 50/50 blend of PRJ and jet fuel, whether the origin of PRJ is agricultural or forestry residue, energy crops, urban wood/mill waste, and so forth. It would also apply to 50/50 blends where the non-petroleum part is natural gas based, or coal based. I could go on but you get the picture. It's not correct to say there is a restriction in Section 314 that applies only to biofuels nor is it correct to say that the exemption in Section 314 applies only to natural gas or coal based fuels. Both parts of 314 apply to non-petroleum fuels regardless of whether their origin is fossil or renewable.

Hope this clarifies the morass a bit for those interested in this issue.

Federation of Indian Chambers of Commerce and Industry (FICCI) called on the Indian government to reduce its stake in PSUs [public sector units, of which Coal India Limited (CIL) is one] "to less than 50 per cent which would be sufficient enough for it to be part of all major decision making processes in the company but at the same time would help make PSUs observe basic market discipline." (Source: Economic Times.)

FICCI also urged reduction of energy subsidies: "Cross-subsidies prevail among consumer categories due to populism which leads to virtually giving free power for the agricultural sector. Revision of tariff is often guided by political pressures than economic reasons. Rationalisation of tariff for industry by reducing the gap between industry and domestic tariff is necessary"

BurmaNet News, an online news service that has covered developments in Burma (Myanmar) since 1994 joined a growing list of publications covering issues and stories pioneered by the Journal of Energy Security in April 2012. The online service reprinted in its entirety Varigonda Kesava Chandra’s article, “The Pipeline That Wasn’t: Myanmar-Bangladesh-India Natural Gas Pipeline” for its readers. It’s of course interesting to note that energy issues, as far afield as Myanmar, are gaining growing attention in both the mainstream and specialty press. Not to be outdone, The Australian, whose tag-line is Business with the Wall Street Journal, dedicated its article, “News Flashpoints Add to Energy Concerns,” discussing JES contributions in April from Muhammad Makki , Aditya Malhotra, as well as from Varigonda Chandra. The Journal is always interested in engaging our colleagues around the world in supporting coverage of the JES’ bread and butter issue of global energy security.

Cluster of attacks on gas pipelines in the Dera Bugti region. Early Tuesday: "explosive device was planted along the eight inch diameter gas pipeline in Dera Bugti. The detonation caused a big blast, disrupting the gas supply from Well No. 29 to the gas purification plant." Wednesday: a blast on an 18-inch diameter gas pipeline in Pir Koh area supplying gas from wells no 15, 21 and 19 to the Sui gas plant. This is ongoing.

Also Tuesday: "a 132 kV transmission pylon was blown up near Barkhan and Kholu suspending power supply to most of the villages of these districts."

China, which for years has taken the bulk of oil exported from Sudan and its former breakaway province, is hosting [South Sudan's President Salva Kiir this week] for talks on energy and infrastructure projects.

Beijing has offered to help build an export pipeline and provide technical help once the crisis with Sudan eases, according to South Sudan's deputy chief of protocol Gum Bol Noah, who accompanied Mr. Kiir to Beijing. The pipeline could cross neighboring Kenya to either the port of Mombasa or Lamu, Mr. Noah said.

China is by far the largest buyer of Sudanese crude, importing about 260,000 barrels a day last year, making Sudan its seventh-largest supplier. Shipments fell sharply after landlocked South Sudan suspended its 350,000 barrels-a-day production in January because of a disagreement over how much it should pay Sudan for transporting oil to its seaport.

South Sudan, under international pressure, last week withdrew its troops from the disputed oil town of Heglig, but Sudan's oil ministry said the fight left oil facilities there in rubble. In the south, 40% to 60% of oil wells have since been damaged by bombings and fighting, Mr. Noah said.

"The Tanzanian navy arrested the pirates in their skiff on April 18 near the Songsongo gas fields. Each of the five pirates was found in possession of a sub-machine gun," Tanzanian army spokesman Kapambale Mgawe said.

...Last October, Tanzania arrested seven suspected Somali pirates following an attack on an oil and gas exploration ship operated by Brazilian petroleum company Petrobras off the coast of the country.

And last year, it ordered its army to escort ships searching for oil and gas off its coast to protect them from pirates, who are believed to be targeting expatriate workers on exploration ships

Muhammad Makki's recent JES piece focused on China's quest for Arctic access and resources. Right on schedule, this week brought a state visit to Iceland by China's Premier Wen Jiabao, Minister of Foreign Affairs Yang Jiechi, Minister of Commerce Chen Deming and nine other ministers and deputy ministers, and Atle Staalesen reports the top item on the agenda was enhancing bilateral Arctic cooperation. Germany’s Deutsche Welle news service also references Makki’s article in the Journal with a much broader piece on China’s ambitions in the Arctic and the country’s tactic of wooing Scandinavian interests while trying to offset broader European concerns about China and the Arctic’s future.

Videos

New Books

"Remarkable collection spanning geopolitics, economy and technology. This timely and comprehensive volume is a one stop shop for anyone interested in one of the most important issues in international relations."U.S. Senator Richard G. Lugar

"A small masterpiece -- right on the money both strategically and technically, witty, far-sighted, and barbeques a number of sacred cows. Absolutely do not miss this." R. James Woolsey, Former CIA Director

"The book is going to become the Bible for everyone who is serious about energy and national security." Robert C. McFarlane, Former U.S. National Security Advisor